Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenClaw < 2026.3.28 - Exec Allowlist Bypass via Unregistered /usr/bin/script Wrapper
Vulnerability Description
OpenClaw before 2026.3.28 contains an exec allowlist bypass vulnerability where allow-always persistence fails to unwrap /usr/bin/script and similar wrappers before storing trust decisions. Attackers can obtain user approval for one wrapped command to persist trust for wrapper binaries that execute different underlying programs.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
在安全决策中依赖未经信任的输入
Vulnerability Title
OpenClaw 安全漏洞
Vulnerability Description
OpenClaw是OpenClaw开源的一个智能人工助理。 OpenClaw 2026.3.28之前版本存在安全漏洞,该漏洞源于执行允许列表绕过漏洞,always-always持久化在存储信任决策之前未能解包/usr/bin/script和类似的包装器。攻击者可以为一条包装命令获得用户批准,从而持久化信任执行不同底层程序的包装器二进制文件。
CVSS Information
N/A
Vulnerability Type
N/A